Pages

Sunday, October 27, 2013

Quttera's experts were notified on hacked website detected via Online Website Malware Scanner. When accessed the URL it appeared to be defaced, see screenshot below. The domain belongs to Shlomo Sixt - the largest Israeli's vehicle group. From the message in the defacement we can assume that it was done by the same hackers who performed DNS attack on AVG, Avira and WhatsApp earlier this month (image is below as well).

Shlomo Sixt website hacked. Screenshot.

Looks similar to:

AVG, AVira and WhatsApp websites hacked by pro-Palestinian hackers

We haven't found any posts in press about it. It is hard to say whether it was DNS attack like in AVG/Avira/whatsApp case or any other. No official comments by Sixt's representatives found over the internet. We can only say that it was fixed promptly, and hope that no sensitive user data was stolen.

Monday, October 21, 2013

Background

Online Website Malware Scanner processes thousands of websites weekly to identify those who contain suspicious code under the legitimate web content. Detected malware is dumped and included in site scan malware report. Database of the scanned domains is publicly available and you can review malware report per each of them. For this post we selected several recent examples to be present to you because of their obfuscation and maliciousness level.

Blacklisting status

Sample 3

Detected hidden iframe automatically injected by malicious code. Iframe downloads content from the domain that was used to download malware to visitors PC, including 1 vulnerability exploit as per Google Safe Browsing report.